Weaponizing Google Docs

[Ink]

Content source

https://www.avanan.com/blog/attackers-take-advantage-of-new-google-doc-exploit

Avanan analysts have recently discovered an exploit vector in Google Docs that attackers are using to deliver malicious phishing websites to victims.

This Google Docs page may look familiar to those who share Google Docs outside of their organization. This, however, isn’t that page. It’s a custom HTML page made to look like that familiar Google Docs share page.

The attacker wants the victim to “Click here to download the document” and once the victim clicks on that link, they will be redirected to the actual malicious phishing website where their credentials will be stolen through another webpage made to look like the Google Login portal. As you can see, that is not Google’s website.

Read more

Attackers Take Advantage of New Google Docs Exploit

Avanan researchers have uncovered an attack that takes advantage of an exploit in Google Docs

www.avanan.com

 

[Postive_Karma]

I believe SIEM technology can help you to monitor everything in GSUIT completly

 

[upnorth]

GSUIT is today called Google workspace.